Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)
| # | |
| # NixOS Configuration for Framework Laptop | |
| # | |
| { config, lib, pkgs, modulesPath, ... }: | |
| { | |
| boot.kernelParams = [ "mem_sleep_default=deep" ]; |
| // How many ways can you alert(document.domain)? | |
| // Comment with more ways and I'll add them :) | |
| // I already know about the JSFuck way, but it's too long to add (: | |
| // Direct invocation | |
| alert(document.domain); | |
| (alert)(document.domain); | |
| al\u0065rt(document.domain); | |
| al\u{65}rt(document.domain); | |
| window['alert'](document.domain); |
I was talking to a coworker recently about general techniques that almost always form the core of any effort to write very fast, down-to-the-metal hot path code on the JVM, and they pointed out that there really isn't a particularly good place to go for this information. It occurred to me that, really, I had more or less picked up all of it by word of mouth and experience, and there just aren't any good reference sources on the topic. So… here's my word of mouth.
This is by no means a comprehensive gist. It's also important to understand that the techniques that I outline in here are not 100% absolute either. Performance on the JVM is an incredibly complicated subject, and while there are rules that almost always hold true, the "almost" remains very salient. Also, for many or even most applications, there will be other techniques that I'm not mentioning which will have a greater impact. JMH, Java Flight Recorder, and a good profiler are your very best friend! Mea
By default older Mac computer models have driver issues with the Broadcom Wi-Fi chip. Most instructions online (such as this one from the official Ubuntu docs @ https://help.ubuntu.com/community/Macmini5-1/Precise) suggest to use sudo apt-get and install these packages from the PPA.
BUT you don't have Internet so you can't use apt-get! Instead you can use a different computer to download the packages, then transfer them over.
In the instructions below, you will need to replace sid in the download URL's with the proper version of Debian your version of Ubuntu/Linux is using. To find which version you should use, you can view the chart at https://askubuntu.com/questions/445487/what-debian-version-are-the-different-ubuntu-versions-based-on#445496. If you're using jessie for example, then replace all sid with jessie in the links below.
b43-fwcutter @ (*
*update: TBC, but this new might affect how easy it is to use this technique past August 2024: Authy is shutting down its desktop app | The 2FA app Authy will only be available on Android and iOS starting in August
This gist, based in part on a gist by Brian Hartvigsen, allows you to export from Authy your TOTP tokens you have stored there.
Those can be "standard" 6-digits / 30 secs tokens, or Authy's own version, the 7-digits / 10 secs tokens.
based on https://www.reddit.com/r/vim/comments/24g8r8/italics_in_terminal_vim_and_tmux/
$ echo -e "\e[3mitalic\e[23m"
$ infocmp $TERM | grep sitm
sgr0=\E(B\E[m, sitm=\E[3m, smacs=\E(0, smam=\E[?7h,
Currently, there is an explosion of tools that aim to manage secrets for automated, cloud native infrastructure management. Daniel Somerfield did some work classifying the various approaches, but (as far as I know) no one has made a recent effort to summarize the various tools.
This is an attempt to give a quick overview of what can be found out there. The list is alphabetical. There will be tools that are missing, and some of the facts might be wrong--I welcome your corrections. For the purpose, I can be reached via @maxvt on Twitter, or just leave me a comment here.
There is a companion feature matrix of various tools. Comments are welcome in the same manner.
